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Amendments to the Claims 



1. (Currently amended) Mi^fMtid A method of securing messages 
exchanged over a data transmission network between a server (1) and a small 
client (2) . the small client comprising a smart card or a mobile 
communication system, wherein the small client [[that]] does not have the 
resources necessary for providing security functions, the method being 
performed under the control of an authority that defines message exchange 
rules, the method comprising providing ^Mfii^ control ii pHytHAM in a 
decentralized manner by a representative (3) of the authority, and setting 
up communication between the client and the server only via the 
representative of the authority, wherein the representative of the 
authority is inserted permanently into the network in the vicinity of the 
client (2) and between the server (1) and the client (2) during the secure 
exchange of messages, and wherein the representative of the authority 
translates ti ttiMliti IHMMttM messages transmitted between the server 
and the client and 16 ^^li/ applies verifications decided on by the 
authority to said transmitted messages. 

2. (Currently amended) MtY\M The method according to claim 1. 
further comprising using M^HH a first protocol (P) ii iiM for exchanges 
between the server (1) and the representative (3) of the authority, and 
using a second protocol (P') different from the first protocol (P) ii 

for exchanges between the representative (3) of the authority and the 
client (2). 
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3. (Currently amended) MtMA The method according to claim 1, 
mMW Uf tU mum «5f MUma further comprising: 

setting up a first secure channel (4) ii iikt between the server (1) 
and the representative (3) of the authority, using a first key (Ks) known 
to the representative (3) of the authority and to the server (1) but not to 
the client (2), and using a first encryption algorithm (AL), and 

setting up a second secure channel (5) it iit between the 
representative (3) of the authority and the client (2). using a second key 
(Kc) known to the representative (3) of the authority and to the client (2) 
but not to the server (1). and using a second encryption algorithm (AL'). 

4. (Currently amended) MySUi A device comprising f6f HHtH^ 
Mttmi mUi\m ^Ut i tm imtMUm UtUt^ UUm a server (1) 
and a small client (2) that does not have the resources necessary for 
providing [[the]] a security function, the small client comprising a smart 
card or a mobile communication system, the small client being under the 
control of an authority that defines message exchange rules, the device 
also comprising means for securing messages exchanged over a data 
transmission network between the server and the small client, the securing 
means comprising a decentralized control device or representative (3) of 
the authority, the representative of the authority being inserted 
permanently into the network in the vicinity of the client (2) and between 
the server (1) and the client (2) during the secure exchange of messages, 
to set UP communication between the client and the server only via the 
representative of the authority, to translate tfiiixiMVL^'L messages 
transmitted between the server and the client , and to apply verifications 
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decided on by the authority to said transmitted messages. 

5. (Currently amended) The device according to claim 4, 
wherein the decentralized control device or representative (3) of the 
authority is a data processing microsystem secured by hardware, inserted 
permanently between the server (1) and the client (2) during the exchange 
of messages. 

6. (Currently amended) M)Hti The device according to claim 5, 
wherein: 

the server (1) is a data processing system comprising an input -output 
port (la); 

the client (2) is a data processing microsystem comprising an input- 
output port (12); 

the representative (3) of the authority is a data processing 
microsystem secured by hardware and comprising an interface device (13); 

a dedicated interface system (7) is provided, comprising an input- 
output port (8) connected to the input -output port (la) of the server data 
processing system (1), comprising a card port (9) connected to the input- 
output port (12) of the client data processing microsystem (2), comprising 
an input-output port (10) connected to the interface device (13) of the 
representative (3) of the authority data processing microsystem, and 
comprising a controller (11) programmed to control communication between 
the input-output ports (8). (9) and (10); 

the controller (11) and the representative (3) of the authority are 
programmed so that: 

the server data processing system (1) sends a request A to the client 
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data processing microsystem (2), and that request is received by the 
controller (11); 

the controller (11) transmits the request A to the representative (3) 
of the authority, which sends it back a response Ra; 

the controller (11) uses that response Ra to calculate a request A' 
that is sent to the client data processing microsystem (2); 

the client data processing microsystem (2) processes the request A' to 
prepare a response B' ; 

the client data processing microsystem (2) sends the response B' to 
the server data processing system (1): that response is received by the 
controller (11); 

the controller (11) transmits the response B' to the representative 
(3) of the authority, which sends it back a response Rb; 

the controller (11) uses that response Rb to calculate a response B 
that is sent to the server data processing system (1). 

7. (Currently amended) MTtUi The device according to claim 6, 
wherein: 

the client (2) is a f i rst smart card; 

the representative (3) of the authority is a second smart card; 
the dedicated interface system is a smart card reader (7) comprising 
two card ports (9) and (10). 

8. (Currently amended) M^tiii The device according to claim 6. 
wherein: 

the client (2) is a mobile communication system; 
the server (1) is a data processing system communicating with the 
client (2) via a physical connection or via a wireless communication 
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network; 

the representative (3) of the authority is a smart card representing 
the operator of the wireless communication network (known as the SIM card 
in telephones conforming to the GSM standard). 

9. (Currently amended) The device according to claim 6, 

wherein: 

the client (2) is a smart card; 

the representative (3) of the authority is a data processing system 
secured by hardware; 

the dedicated interface system (7) is a machine comprising a card port 
(9) and a dedicated input-output interface (10) for connection to the 
representative (3) of the authority data processing system. 
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